Overview

overview

7

Static

static

5

30e82a4655...18.exe

windows7-x64

7

30e82a4655...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    30e82a465522f15450d834f3cf298911_JaffaCakes118

  • Size

    78KB

  • Sample

    241010-t9etla1dpj

  • MD5

    30e82a465522f15450d834f3cf298911

  • SHA1

    9d6408ef40079b76fb76ce29481228a40aa45ee9

  • SHA256

    fb15ff4da2ca39f7d5e48e70e85a8328934f5bae46f7b226f303fa44e8e8abb4

  • SHA512

    502d8ba3345687f5cff5bf4072f5f44828c015bab2fa8aac4f5f5cf330a2952b0ebc6cdae442624747062b3b2eef40d83b58386656f4962e96560acd2566a3a9

  • SSDEEP

    1536:SKcR4mjD9r823FHKcR4mjD9r823F4rDxgGU/dt:SKcWmjRrz3ZKcWmjRrz3Eyx7

Score
7/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      30e82a465522f15450d834f3cf298911_JaffaCakes118

    • Size

      78KB

    • MD5

      30e82a465522f15450d834f3cf298911

    • SHA1

      9d6408ef40079b76fb76ce29481228a40aa45ee9

    • SHA256

      fb15ff4da2ca39f7d5e48e70e85a8328934f5bae46f7b226f303fa44e8e8abb4

    • SHA512

      502d8ba3345687f5cff5bf4072f5f44828c015bab2fa8aac4f5f5cf330a2952b0ebc6cdae442624747062b3b2eef40d83b58386656f4962e96560acd2566a3a9

    • SSDEEP

      1536:SKcR4mjD9r823FHKcR4mjD9r823F4rDxgGU/dt:SKcWmjRrz3ZKcWmjRrz3Eyx7

    Score
    7/10
    discoverypersistencespywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks